1 /* $OpenBSD: sftp-server.c,v 1.77 2008/02/08 23:24:07 djm Exp $ */
3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #include <sys/types.h>
21 #include <sys/param.h>
23 #ifdef HAVE_SYS_TIME_H
24 # include <sys/time.h>
46 #include "sftp-common.h"
49 #define get_int64() buffer_get_int64(&iqueue);
50 #define get_int() buffer_get_int(&iqueue);
51 #define get_string(lenp) buffer_get_string(&iqueue, lenp);
54 LogLevel log_level = SYSLOG_LEVEL_ERROR;
57 struct passwd *pw = NULL;
58 char *client_addr = NULL;
60 /* input and output queue */
64 /* Version of client */
67 /* portable attributes, etc. */
69 typedef struct Stat Stat;
78 errno_to_portable(int unixerrno)
90 ret = SSH2_FX_NO_SUCH_FILE;
95 ret = SSH2_FX_PERMISSION_DENIED;
99 ret = SSH2_FX_BAD_MESSAGE;
102 ret = SSH2_FX_FAILURE;
109 flags_from_portable(int pflags)
113 if ((pflags & SSH2_FXF_READ) &&
114 (pflags & SSH2_FXF_WRITE)) {
116 } else if (pflags & SSH2_FXF_READ) {
118 } else if (pflags & SSH2_FXF_WRITE) {
121 if (pflags & SSH2_FXF_CREAT)
123 if (pflags & SSH2_FXF_TRUNC)
125 if (pflags & SSH2_FXF_EXCL)
131 string_from_portable(int pflags)
133 static char ret[128];
137 #define PAPPEND(str) { \
139 strlcat(ret, ",", sizeof(ret)); \
140 strlcat(ret, str, sizeof(ret)); \
143 if (pflags & SSH2_FXF_READ)
145 if (pflags & SSH2_FXF_WRITE)
147 if (pflags & SSH2_FXF_CREAT)
149 if (pflags & SSH2_FXF_TRUNC)
151 if (pflags & SSH2_FXF_EXCL)
160 return decode_attrib(&iqueue);
165 typedef struct Handle Handle;
171 u_int64_t bytes_read, bytes_write;
181 Handle *handles = NULL;
182 u_int num_handles = 0;
183 int first_unused_handle = -1;
185 static void handle_unused(int i)
187 handles[i].use = HANDLE_UNUSED;
188 handles[i].next_unused = first_unused_handle;
189 first_unused_handle = i;
193 handle_new(int use, const char *name, int fd, DIR *dirp)
197 if (first_unused_handle == -1) {
198 if (num_handles + 1 <= num_handles)
201 handles = xrealloc(handles, num_handles, sizeof(Handle));
202 handle_unused(num_handles - 1);
205 i = first_unused_handle;
206 first_unused_handle = handles[i].next_unused;
208 handles[i].use = use;
209 handles[i].dirp = dirp;
211 handles[i].name = xstrdup(name);
212 handles[i].bytes_read = handles[i].bytes_write = 0;
218 handle_is_ok(int i, int type)
220 return i >= 0 && (u_int)i < num_handles && handles[i].use == type;
224 handle_to_string(int handle, char **stringp, int *hlenp)
226 if (stringp == NULL || hlenp == NULL)
228 *stringp = xmalloc(sizeof(int32_t));
229 put_u32(*stringp, handle);
230 *hlenp = sizeof(int32_t);
235 handle_from_string(const char *handle, u_int hlen)
239 if (hlen != sizeof(int32_t))
241 val = get_u32(handle);
242 if (handle_is_ok(val, HANDLE_FILE) ||
243 handle_is_ok(val, HANDLE_DIR))
249 handle_to_name(int handle)
251 if (handle_is_ok(handle, HANDLE_DIR)||
252 handle_is_ok(handle, HANDLE_FILE))
253 return handles[handle].name;
258 handle_to_dir(int handle)
260 if (handle_is_ok(handle, HANDLE_DIR))
261 return handles[handle].dirp;
266 handle_to_fd(int handle)
268 if (handle_is_ok(handle, HANDLE_FILE))
269 return handles[handle].fd;
274 handle_update_read(int handle, ssize_t bytes)
276 if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0)
277 handles[handle].bytes_read += bytes;
281 handle_update_write(int handle, ssize_t bytes)
283 if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0)
284 handles[handle].bytes_write += bytes;
288 handle_bytes_read(int handle)
290 if (handle_is_ok(handle, HANDLE_FILE))
291 return (handles[handle].bytes_read);
296 handle_bytes_write(int handle)
298 if (handle_is_ok(handle, HANDLE_FILE))
299 return (handles[handle].bytes_write);
304 handle_close(int handle)
308 if (handle_is_ok(handle, HANDLE_FILE)) {
309 ret = close(handles[handle].fd);
310 xfree(handles[handle].name);
311 handle_unused(handle);
312 } else if (handle_is_ok(handle, HANDLE_DIR)) {
313 ret = closedir(handles[handle].dirp);
314 xfree(handles[handle].name);
315 handle_unused(handle);
323 handle_log_close(int handle, char *emsg)
325 if (handle_is_ok(handle, HANDLE_FILE)) {
326 logit("%s%sclose \"%s\" bytes read %llu written %llu",
327 emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
328 handle_to_name(handle),
329 (unsigned long long)handle_bytes_read(handle),
330 (unsigned long long)handle_bytes_write(handle));
332 logit("%s%sclosedir \"%s\"",
333 emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
334 handle_to_name(handle));
339 handle_log_exit(void)
343 for (i = 0; i < num_handles; i++)
344 if (handles[i].use != HANDLE_UNUSED)
345 handle_log_close(i, "forced");
355 handle = get_string(&hlen);
357 val = handle_from_string(handle, hlen);
367 int mlen = buffer_len(m);
369 buffer_put_int(&oqueue, mlen);
370 buffer_append(&oqueue, buffer_ptr(m), mlen);
371 buffer_consume(m, mlen);
375 status_to_message(u_int32_t status)
377 const char *status_messages[] = {
378 "Success", /* SSH_FX_OK */
379 "End of file", /* SSH_FX_EOF */
380 "No such file", /* SSH_FX_NO_SUCH_FILE */
381 "Permission denied", /* SSH_FX_PERMISSION_DENIED */
382 "Failure", /* SSH_FX_FAILURE */
383 "Bad message", /* SSH_FX_BAD_MESSAGE */
384 "No connection", /* SSH_FX_NO_CONNECTION */
385 "Connection lost", /* SSH_FX_CONNECTION_LOST */
386 "Operation unsupported", /* SSH_FX_OP_UNSUPPORTED */
387 "Unknown error" /* Others */
389 return (status_messages[MIN(status,SSH2_FX_MAX)]);
393 send_status(u_int32_t id, u_int32_t status)
397 debug3("request %u: sent status %u", id, status);
398 if (log_level > SYSLOG_LEVEL_VERBOSE ||
399 (status != SSH2_FX_OK && status != SSH2_FX_EOF))
400 logit("sent status %s", status_to_message(status));
402 buffer_put_char(&msg, SSH2_FXP_STATUS);
403 buffer_put_int(&msg, id);
404 buffer_put_int(&msg, status);
406 buffer_put_cstring(&msg, status_to_message(status));
407 buffer_put_cstring(&msg, "");
413 send_data_or_handle(char type, u_int32_t id, const char *data, int dlen)
418 buffer_put_char(&msg, type);
419 buffer_put_int(&msg, id);
420 buffer_put_string(&msg, data, dlen);
426 send_data(u_int32_t id, const char *data, int dlen)
428 debug("request %u: sent data len %d", id, dlen);
429 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
433 send_handle(u_int32_t id, int handle)
438 handle_to_string(handle, &string, &hlen);
439 debug("request %u: sent handle handle %d", id, handle);
440 send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
445 send_names(u_int32_t id, int count, const Stat *stats)
451 buffer_put_char(&msg, SSH2_FXP_NAME);
452 buffer_put_int(&msg, id);
453 buffer_put_int(&msg, count);
454 debug("request %u: sent names count %d", id, count);
455 for (i = 0; i < count; i++) {
456 buffer_put_cstring(&msg, stats[i].name);
457 buffer_put_cstring(&msg, stats[i].long_name);
458 encode_attrib(&msg, &stats[i].attrib);
465 send_attrib(u_int32_t id, const Attrib *a)
469 debug("request %u: sent attrib have 0x%x", id, a->flags);
471 buffer_put_char(&msg, SSH2_FXP_ATTRS);
472 buffer_put_int(&msg, id);
473 encode_attrib(&msg, a);
486 verbose("received client version %d", version);
488 buffer_put_char(&msg, SSH2_FXP_VERSION);
489 buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
497 u_int32_t id, pflags;
500 int handle, fd, flags, mode, status = SSH2_FX_FAILURE;
503 name = get_string(NULL);
504 pflags = get_int(); /* portable flags */
505 debug3("request %u: open flags %d", id, pflags);
507 flags = flags_from_portable(pflags);
508 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
509 logit("open \"%s\" flags %s mode 0%o",
510 name, string_from_portable(pflags), mode);
511 fd = open(name, flags, mode);
513 status = errno_to_portable(errno);
515 handle = handle_new(HANDLE_FILE, name, fd, NULL);
519 send_handle(id, handle);
523 if (status != SSH2_FX_OK)
524 send_status(id, status);
532 int handle, ret, status = SSH2_FX_FAILURE;
535 handle = get_handle();
536 debug3("request %u: close handle %u", id, handle);
537 handle_log_close(handle, NULL);
538 ret = handle_close(handle);
539 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
540 send_status(id, status);
548 int handle, fd, ret, status = SSH2_FX_FAILURE;
552 handle = get_handle();
556 debug("request %u: read \"%s\" (handle %d) off %llu len %d",
557 id, handle_to_name(handle), handle, (unsigned long long)off, len);
558 if (len > sizeof buf) {
560 debug2("read change len %d", len);
562 fd = handle_to_fd(handle);
564 if (lseek(fd, off, SEEK_SET) < 0) {
565 error("process_read: seek failed");
566 status = errno_to_portable(errno);
568 ret = read(fd, buf, len);
570 status = errno_to_portable(errno);
571 } else if (ret == 0) {
572 status = SSH2_FX_EOF;
574 send_data(id, buf, ret);
576 handle_update_read(handle, ret);
580 if (status != SSH2_FX_OK)
581 send_status(id, status);
590 int handle, fd, ret, status = SSH2_FX_FAILURE;
594 handle = get_handle();
596 data = get_string(&len);
598 debug("request %u: write \"%s\" (handle %d) off %llu len %d",
599 id, handle_to_name(handle), handle, (unsigned long long)off, len);
600 fd = handle_to_fd(handle);
602 if (lseek(fd, off, SEEK_SET) < 0) {
603 status = errno_to_portable(errno);
604 error("process_write: seek failed");
607 ret = write(fd, data, len);
609 error("process_write: write failed");
610 status = errno_to_portable(errno);
611 } else if ((size_t)ret == len) {
613 handle_update_write(handle, ret);
615 debug2("nothing at all written");
619 send_status(id, status);
624 process_do_stat(int do_lstat)
630 int ret, status = SSH2_FX_FAILURE;
633 name = get_string(NULL);
634 debug3("request %u: %sstat", id, do_lstat ? "l" : "");
635 verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name);
636 ret = do_lstat ? lstat(name, &st) : stat(name, &st);
638 status = errno_to_portable(errno);
640 stat_to_attrib(&st, &a);
644 if (status != SSH2_FX_OK)
645 send_status(id, status);
667 int fd, ret, handle, status = SSH2_FX_FAILURE;
670 handle = get_handle();
671 debug("request %u: fstat \"%s\" (handle %u)",
672 id, handle_to_name(handle), handle);
673 fd = handle_to_fd(handle);
675 ret = fstat(fd, &st);
677 status = errno_to_portable(errno);
679 stat_to_attrib(&st, &a);
684 if (status != SSH2_FX_OK)
685 send_status(id, status);
688 static struct timeval *
689 attrib_to_tv(const Attrib *a)
691 static struct timeval tv[2];
693 tv[0].tv_sec = a->atime;
695 tv[1].tv_sec = a->mtime;
701 process_setstat(void)
706 int status = SSH2_FX_OK, ret;
709 name = get_string(NULL);
711 debug("request %u: setstat name \"%s\"", id, name);
712 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
713 logit("set \"%s\" size %llu",
714 name, (unsigned long long)a->size);
715 ret = truncate(name, a->size);
717 status = errno_to_portable(errno);
719 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
720 logit("set \"%s\" mode %04o", name, a->perm);
721 ret = chmod(name, a->perm & 0777);
723 status = errno_to_portable(errno);
725 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
729 strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
731 logit("set \"%s\" modtime %s", name, buf);
732 ret = utimes(name, attrib_to_tv(a));
734 status = errno_to_portable(errno);
736 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
737 logit("set \"%s\" owner %lu group %lu", name,
738 (u_long)a->uid, (u_long)a->gid);
739 ret = chown(name, a->uid, a->gid);
741 status = errno_to_portable(errno);
743 send_status(id, status);
748 process_fsetstat(void)
753 int status = SSH2_FX_OK;
756 handle = get_handle();
758 debug("request %u: fsetstat handle %d", id, handle);
759 fd = handle_to_fd(handle);
761 status = SSH2_FX_FAILURE;
763 char *name = handle_to_name(handle);
765 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
766 logit("set \"%s\" size %llu",
767 name, (unsigned long long)a->size);
768 ret = ftruncate(fd, a->size);
770 status = errno_to_portable(errno);
772 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
773 logit("set \"%s\" mode %04o", name, a->perm);
775 ret = fchmod(fd, a->perm & 0777);
777 ret = chmod(name, a->perm & 0777);
780 status = errno_to_portable(errno);
782 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
786 strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
788 logit("set \"%s\" modtime %s", name, buf);
790 ret = futimes(fd, attrib_to_tv(a));
792 ret = utimes(name, attrib_to_tv(a));
795 status = errno_to_portable(errno);
797 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
798 logit("set \"%s\" owner %lu group %lu", name,
799 (u_long)a->uid, (u_long)a->gid);
801 ret = fchown(fd, a->uid, a->gid);
803 ret = chown(name, a->uid, a->gid);
806 status = errno_to_portable(errno);
809 send_status(id, status);
813 process_opendir(void)
817 int handle, status = SSH2_FX_FAILURE;
821 path = get_string(NULL);
822 debug3("request %u: opendir", id);
823 logit("opendir \"%s\"", path);
824 dirp = opendir(path);
826 status = errno_to_portable(errno);
828 handle = handle_new(HANDLE_DIR, path, 0, dirp);
832 send_handle(id, handle);
837 if (status != SSH2_FX_OK)
838 send_status(id, status);
843 process_readdir(void)
852 handle = get_handle();
853 debug("request %u: readdir \"%s\" (handle %d)", id,
854 handle_to_name(handle), handle);
855 dirp = handle_to_dir(handle);
856 path = handle_to_name(handle);
857 if (dirp == NULL || path == NULL) {
858 send_status(id, SSH2_FX_FAILURE);
861 char pathname[MAXPATHLEN];
863 int nstats = 10, count = 0, i;
865 stats = xcalloc(nstats, sizeof(Stat));
866 while ((dp = readdir(dirp)) != NULL) {
867 if (count >= nstats) {
869 stats = xrealloc(stats, nstats, sizeof(Stat));
872 snprintf(pathname, sizeof pathname, "%s%s%s", path,
873 strcmp(path, "/") ? "/" : "", dp->d_name);
874 if (lstat(pathname, &st) < 0)
876 stat_to_attrib(&st, &(stats[count].attrib));
877 stats[count].name = xstrdup(dp->d_name);
878 stats[count].long_name = ls_file(dp->d_name, &st, 0);
880 /* send up to 100 entries in one message */
881 /* XXX check packet size instead */
886 send_names(id, count, stats);
887 for (i = 0; i < count; i++) {
888 xfree(stats[i].name);
889 xfree(stats[i].long_name);
892 send_status(id, SSH2_FX_EOF);
903 int status = SSH2_FX_FAILURE;
907 name = get_string(NULL);
908 debug3("request %u: remove", id);
909 logit("remove name \"%s\"", name);
911 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
912 send_status(id, status);
922 int ret, mode, status = SSH2_FX_FAILURE;
925 name = get_string(NULL);
927 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
928 a->perm & 0777 : 0777;
929 debug3("request %u: mkdir", id);
930 logit("mkdir name \"%s\" mode 0%o", name, mode);
931 ret = mkdir(name, mode);
932 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
933 send_status(id, status);
945 name = get_string(NULL);
946 debug3("request %u: rmdir", id);
947 logit("rmdir name \"%s\"", name);
949 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
950 send_status(id, status);
955 process_realpath(void)
957 char resolvedname[MAXPATHLEN];
962 path = get_string(NULL);
963 if (path[0] == '\0') {
967 debug3("request %u: realpath", id);
968 verbose("realpath \"%s\"", path);
969 if (realpath(path, resolvedname) == NULL) {
970 send_status(id, errno_to_portable(errno));
973 attrib_clear(&s.attrib);
974 s.name = s.long_name = resolvedname;
975 send_names(id, 1, &s);
984 char *oldpath, *newpath;
989 oldpath = get_string(NULL);
990 newpath = get_string(NULL);
991 debug3("request %u: rename", id);
992 logit("rename old \"%s\" new \"%s\"", oldpath, newpath);
993 status = SSH2_FX_FAILURE;
994 if (lstat(oldpath, &sb) == -1)
995 status = errno_to_portable(errno);
996 else if (S_ISREG(sb.st_mode)) {
997 /* Race-free rename of regular files */
998 if (link(oldpath, newpath) == -1) {
999 if (errno == EOPNOTSUPP
1000 #ifdef LINK_OPNOTSUPP_ERRNO
1001 || errno == LINK_OPNOTSUPP_ERRNO
1007 * fs doesn't support links, so fall back to
1008 * stat+rename. This is racy.
1010 if (stat(newpath, &st) == -1) {
1011 if (rename(oldpath, newpath) == -1)
1013 errno_to_portable(errno);
1015 status = SSH2_FX_OK;
1018 status = errno_to_portable(errno);
1020 } else if (unlink(oldpath) == -1) {
1021 status = errno_to_portable(errno);
1022 /* clean spare link */
1025 status = SSH2_FX_OK;
1026 } else if (stat(newpath, &sb) == -1) {
1027 if (rename(oldpath, newpath) == -1)
1028 status = errno_to_portable(errno);
1030 status = SSH2_FX_OK;
1032 send_status(id, status);
1038 process_readlink(void)
1042 char buf[MAXPATHLEN];
1046 path = get_string(NULL);
1047 debug3("request %u: readlink", id);
1048 verbose("readlink \"%s\"", path);
1049 if ((len = readlink(path, buf, sizeof(buf) - 1)) == -1)
1050 send_status(id, errno_to_portable(errno));
1055 attrib_clear(&s.attrib);
1056 s.name = s.long_name = buf;
1057 send_names(id, 1, &s);
1063 process_symlink(void)
1066 char *oldpath, *newpath;
1070 oldpath = get_string(NULL);
1071 newpath = get_string(NULL);
1072 debug3("request %u: symlink", id);
1073 logit("symlink old \"%s\" new \"%s\"", oldpath, newpath);
1074 /* this will fail if 'newpath' exists */
1075 ret = symlink(oldpath, newpath);
1076 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
1077 send_status(id, status);
1083 process_extended(void)
1089 request = get_string(NULL);
1090 send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
1094 /* stolen from ssh-agent */
1105 buf_len = buffer_len(&iqueue);
1107 return; /* Incomplete message. */
1108 cp = buffer_ptr(&iqueue);
1109 msg_len = get_u32(cp);
1110 if (msg_len > SFTP_MAX_MSG_LENGTH) {
1111 error("bad message from %s local user %s",
1112 client_addr, pw->pw_name);
1113 sftp_server_cleanup_exit(11);
1115 if (buf_len < msg_len + 4)
1117 buffer_consume(&iqueue, 4);
1119 type = buffer_get_char(&iqueue);
1127 case SSH2_FXP_CLOSE:
1133 case SSH2_FXP_WRITE:
1136 case SSH2_FXP_LSTAT:
1139 case SSH2_FXP_FSTAT:
1142 case SSH2_FXP_SETSTAT:
1145 case SSH2_FXP_FSETSTAT:
1148 case SSH2_FXP_OPENDIR:
1151 case SSH2_FXP_READDIR:
1154 case SSH2_FXP_REMOVE:
1157 case SSH2_FXP_MKDIR:
1160 case SSH2_FXP_RMDIR:
1163 case SSH2_FXP_REALPATH:
1169 case SSH2_FXP_RENAME:
1172 case SSH2_FXP_READLINK:
1175 case SSH2_FXP_SYMLINK:
1178 case SSH2_FXP_EXTENDED:
1182 error("Unknown message %d", type);
1185 /* discard the remaining bytes from the current packet */
1186 if (buf_len < buffer_len(&iqueue)) {
1187 error("iqueue grew unexpectedly");
1188 sftp_server_cleanup_exit(255);
1190 consumed = buf_len - buffer_len(&iqueue);
1191 if (msg_len < consumed) {
1192 error("msg_len %d < consumed %d", msg_len, consumed);
1193 sftp_server_cleanup_exit(255);
1195 if (msg_len > consumed)
1196 buffer_consume(&iqueue, msg_len - consumed);
1199 /* Cleanup handler that logs active handles upon normal exit */
1201 sftp_server_cleanup_exit(int i)
1203 if (pw != NULL && client_addr != NULL) {
1205 logit("session closed for local user %s from [%s]",
1206 pw->pw_name, client_addr);
1212 sftp_server_usage(void)
1214 extern char *__progname;
1217 "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname);
1222 sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1224 fd_set *rset, *wset;
1225 int in, out, max, ch, skipargs = 0, log_stderr = 0;
1226 ssize_t len, olen, set_size;
1227 SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
1228 char *cp, buf[4*4096];
1230 extern char *optarg;
1231 extern char *__progname;
1233 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
1236 __progname = ssh_get_progname(argv[0]);
1237 log_init(__progname, log_level, log_facility, log_stderr);
1239 while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
1243 * Ignore all arguments if we are invoked as a
1244 * shell using "sftp-server -c command"
1252 log_level = log_level_number(optarg);
1253 if (log_level == SYSLOG_LEVEL_NOT_SET)
1254 error("Invalid log level \"%s\"", optarg);
1257 log_facility = log_facility_number(optarg);
1258 if (log_facility == SYSLOG_FACILITY_NOT_SET)
1259 error("Invalid log facility \"%s\"", optarg);
1263 sftp_server_usage();
1267 log_init(__progname, log_level, log_facility, log_stderr);
1269 if ((cp = getenv("SSH_CONNECTION")) != NULL) {
1270 client_addr = xstrdup(cp);
1271 if ((cp = strchr(client_addr, ' ')) == NULL) {
1272 error("Malformed SSH_CONNECTION variable: \"%s\"",
1273 getenv("SSH_CONNECTION"));
1274 sftp_server_cleanup_exit(255);
1278 client_addr = xstrdup("UNKNOWN");
1280 pw = pwcopy(user_pw);
1282 logit("session opened for local user %s from [%s]",
1283 pw->pw_name, client_addr);
1285 in = dup(STDIN_FILENO);
1286 out = dup(STDOUT_FILENO);
1289 setmode(in, O_BINARY);
1290 setmode(out, O_BINARY);
1299 buffer_init(&iqueue);
1300 buffer_init(&oqueue);
1302 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
1303 rset = (fd_set *)xmalloc(set_size);
1304 wset = (fd_set *)xmalloc(set_size);
1307 memset(rset, 0, set_size);
1308 memset(wset, 0, set_size);
1311 * Ensure that we can read a full buffer and handle
1312 * the worst-case length packet it can generate,
1313 * otherwise apply backpressure by stopping reads.
1315 if (buffer_check_alloc(&iqueue, sizeof(buf)) &&
1316 buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
1319 olen = buffer_len(&oqueue);
1323 if (select(max+1, rset, wset, NULL, NULL) < 0) {
1326 error("select: %s", strerror(errno));
1327 sftp_server_cleanup_exit(2);
1330 /* copy stdin to iqueue */
1331 if (FD_ISSET(in, rset)) {
1332 len = read(in, buf, sizeof buf);
1335 sftp_server_cleanup_exit(0);
1336 } else if (len < 0) {
1337 error("read: %s", strerror(errno));
1338 sftp_server_cleanup_exit(1);
1340 buffer_append(&iqueue, buf, len);
1343 /* send oqueue to stdout */
1344 if (FD_ISSET(out, wset)) {
1345 len = write(out, buffer_ptr(&oqueue), olen);
1347 error("write: %s", strerror(errno));
1348 sftp_server_cleanup_exit(1);
1350 buffer_consume(&oqueue, len);
1355 * Process requests from client if we can fit the results
1356 * into the output buffer, otherwise stop processing input
1357 * and let the output queue drain.
1359 if (buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
andersk / openssh.git / blob